How to get Windows Username through internet browser using Java/JSP or javascript?

java javascript jquery windows jsp

19,417

Solution 1

you can use below three files to get the windows user name into JSP session.

1.user1.html

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<body>    
<script>
var myWindow;    
function openWin() {
    myWindow =window.open("http://cmtech9:8080/WinUser/GetUser.jsp","Login","height=50,width=150");
    setTimeout(function(){ myWindow.close() }, 3000);    
}   

</script>
<body onload="openWin();">
</body>
</html>

2.user.js this openes the tab and auto closes the tab

function testing() {    
        window.setTimeOut("window.close();",1000)
}

3.GetUser.jsp

<%@ page import="sun.misc.BASE64Encoder" %>
<%@ page import="java.util.regex.Matcher"%>
<%@ page import="java.util.regex.Pattern"%>
<head>
 <script type="text/javascript" src="user.js"></script>
    <script type="text/javascript">
       testing()
    </script>
</head>
<p><h4>Network Windows USERNAME without any login (ie)</h4></p>
 <body > 
<%
HttpSession sess = request.getSession(); 

String auth = request.getHeader("Authorization");
if (auth == null) {
        response.setStatus(response.SC_UNAUTHORIZED);
        response.setHeader("WWW-Authenticate", "NTLM");
        return;
}
if (auth.startsWith("NTLM ")) { 
        byte[] msg = 
           new sun.misc.BASE64Decoder().decodeBuffer(auth.substring(5));
        int off = 0, length, offset;
        String s;

        if (msg[8] == 1) { 
            off = 18;

            byte z = 0;
            byte[] msg1 =
                {(byte)'N', (byte)'T', (byte)'L', (byte)'M', (byte)'S',
                (byte)'S', (byte)'P', z,
                (byte)2, z, z, z, z, z, z, z,
                (byte)40, z, z, z, (byte)1, (byte)130, z, z,
                z, (byte)2, (byte)2, (byte)2, z, z, z, z, // 
                z, z, z, z, z, z, z, z};
            // 
            response.setStatus(response.SC_UNAUTHORIZED);
            response.setHeader("WWW-Authenticate", "NTLM " 
               + new sun.misc.BASE64Encoder().encodeBuffer(msg1).trim());
            return;
        } 
        else if (msg[8] == 3) { 
                off = 30;
                length = msg[off+17]*256 + msg[off+16];
                offset = msg[off+19]*256 + msg[off+18];
                s = new String(msg, offset, length);
                //out.println(s + " ");
        } 
        else
                return;

        length = msg[off+1]*256 + msg[off];
        offset = msg[off+3]*256 + msg[off+2];
        s = new String(msg, offset, length);
        //out.println(s + " ");
        length = msg[off+9]*256 + msg[off+8];
        offset = msg[off+11]*256 + msg[off+10];
        s = new String(msg, offset, length);
        sess.setAttribute("username", s);
        out.println("Hello  <span style='position:relative; width:190;" 
            + " height:10;filter:glow(Color=#009966,Strength=1)'>");
        out.println(s + "</SPAN>");         

        String result=s.replaceAll("\\W", "");       
        System.out.println(result);//+""+result.length());        
       /* System.out.print(n.length()); */
        }
%>
</body>

Solution 2

Here's my answer, which is an updated version of Raman B's.

I've replaced sun.misc.BASE64Encoder with the more modern java.util.Base64 class.

<%@ page import="java.util.Base64" %>
<%@ page import="java.util.regex.Matcher"%>
<%@ page import="java.util.regex.Pattern"%>
<%
HttpSession sess = request.getSession(); 

String auth = request.getHeader("Authorization");
String result = "";
Base64.Encoder mimeEncoder = Base64.getMimeEncoder();
Base64.Decoder mimeDecoder = Base64.getMimeDecoder();
if (auth == null) {
    response.setStatus(response.SC_UNAUTHORIZED);
    response.setHeader("WWW-Authenticate", "NTLM");
    return;
}
if (auth.startsWith("NTLM ")) { 
    byte[] msg = mimeDecoder.decode(auth.substring(5));
    int off = 0, length, offset;
    String s;

    if (msg[8] == 1) { 
        off = 18;

        byte z = 0;
        byte[] msg1 =
            {(byte)'N', (byte)'T', (byte)'L', (byte)'M', (byte)'S',
            (byte)'S', (byte)'P', z,
            (byte)2, z, z, z, z, z, z, z,
            (byte)40, z, z, z, (byte)1, (byte)130, z, z,
            z, (byte)2, (byte)2, (byte)2, z, z, z, z,
            z, z, z, z, z, z, z, z};
        response.setStatus(response.SC_UNAUTHORIZED);
        response.setHeader("WWW-Authenticate", "NTLM " + mimeEncoder.encodeToString(msg1).trim());
        return;
    } 
    else if (msg[8] == 3) { 
        off = 30;
        length = msg[off+17]*256 + msg[off+16];
        offset = msg[off+19]*256 + msg[off+18];
        s = new String(msg, offset, length);
    } 
    else {
        return;
    }

    length = msg[off+1]*256 + msg[off];
    offset = msg[off+3]*256 + msg[off+2];
    s = new String(msg, offset, length);
    length = msg[off+9]*256 + msg[off+8];
    offset = msg[off+11]*256 + msg[off+10];
    s = new String(msg, offset, length);    

    result=s.replaceAll("\\W", "");

}
%>
<p>Username: <%=result %></p>

In this test code, the username should be outputted. I've tested this with IE and Chrome on a networked device and this appears to work. Interestingly Chrome will only supply the username over SSL though - worth noting.

I ran this with GlassFish and didn't need any of the JavaScript - this should happily work on its own.

Solution 3

nono... That's Firefox. Firefox gives you a ridiculous amount of control over the browser and even outside the browser. You will not be able to do that in chrome because it is sandboxed. Google chrome does not provide API for accessing anything outside the browser.

you CAN make an NPAPI plugin, but that's about it. When the NPAPI plugin runs it asks the user for unrestricted access from the plugin which is kind of suspicious for most.

19,417

Author by

Adrien Be

Think twice.

Updated on June 14, 2022

Comments

Adrien Be almost 2 years

I want to get the Windows username of the user browsing my web page (this is for an intranet). This must be working on IE8, Chrome, and Firefox (Safari would be a plus).

I came across this solution for Java:

http://www.ioplex.com/ : Jespa - Java Active Directory Integration

But this is a proprietary software library and even the example they provide does not work on my web application because we are not using an Apache web server.

A solution in Java would be ideal if anyone got something?

There seems to be some kind of solution in javascript: How to get the windows user name using javascript in google chrome browser for google chrome extension

But nothing is said about IE8 and the Chrome solution seems quite a bit of work.

Thanks in advance
AhmetRasitBekar about 5 years

You are something like a superhero. Thank you.
AhmetRasitBekar about 5 years

that code messed up all the servlets i am using. Works for getting userId but it breaks everything else!
Alex Ward almost 5 years

For reference, I've since discovered that this does work for Firefox, but not necessarily out of the box. You need to enable authentication over NTLM for Firefox - this link explains how - I just added the URI I needed as a trusted URI and it worked. IE and Chrome share each others settings, so as long as NTLM authentication is enabled in IE (preferably in Group Policy), it'll work fine for Chrome.